Tcu0N9

**Name of the Vulnerable Software and Affected Versions** Librenms versions up to 24.10.1 **Description** The issue is a stored XSS that affects the parameters of the `/device/$DEVICE ID/edit` endpoint, specifically the `display` parameter. This allows remote attackers to inject malicious scripts, which execute when a user views or interacts with the page displaying the data, potentially leading to unauthorized actions or data exposure. **Recommendations** For Librenms versions up to 24.10.1, upgrade to release version 24.11.0 to address the issue. As a temporary workaround, consider restricting access to the `/device/$DEVICE ID/edit` endpoint and avoiding the use of the `display` parameter until the issue is resolved. Additionally, users can restrict interactions with pages that display data from the vulnerable endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Librenms versions up to 24.10.1 **Description** The issue is a stored XSS that affects the parameter: `ajax form.php` -> param: `state`. This allows remote attackers to inject malicious scripts, which execute immediately when a user views or interacts with the page displaying the data, potentially leading to unauthorized actions or data exposure. **Recommendations** For Librenms versions up to 24.10.1, upgrade to release version 24.11.0 to address the issue. As a temporary workaround, consider restricting access to the `ajax form.php` endpoint or disabling the `dynamic override config` function until a patch is available. Avoid using the `state` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Librenms versions up to 24.10.1 **Description** The issue concerns Cross-site Scripting (XSS) in the `/addhost` API endpoint, specifically in the `community` parameter. This allows remote attackers to inject malicious scripts, which execute when a user views or interacts with the page displaying the data. The malicious script can lead to potential unauthorized actions or data exposure. The issue has been addressed in release version 24.11.0. **Recommendations** For Librenms versions up to 24.10.1, update to version 24.11.0 to resolve the issue. As a temporary workaround, consider restricting access to the `/addhost` API endpoint and the `community` parameter to minimize the risk of exploitation. Avoid using the `community` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Librenms versions up to 24.11.0 **Description** The issue concerns a stored XSS vulnerability in the parameters of the `/device/$DEVICE ID/edit` endpoint, specifically the `display` parameter. This allows remote attackers to inject malicious scripts, which execute when a user views or interacts with the page displaying the data. The vulnerability can lead to potential unauthorized actions or data exposure. **Recommendations** For Librenms versions up to 24.11.0, upgrade to release version 24.12.0 to address the issue. As a temporary workaround, consider restricting access to the `/device/$DEVICE ID/edit` endpoint and the `display` parameter to minimize the risk of exploitation. Avoid using the `display` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Librenms versions prior to 24.11.0 **Description** The issue is related to a stored XSS vulnerability in the parameter: `/ajax form.php` -> param: `descr`. This allows remote attackers to inject malicious scripts, which execute immediately when a user views or interacts with the page displaying the data, potentially leading to unauthorized actions or data exposure. **Recommendations** For versions up to 24.10.1, update to version 24.11.0 to resolve the issue. As a temporary workaround, consider restricting access to the `/ajax form.php` endpoint until the update is applied. Avoid using the `descr` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no other information about additional workarounds for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LGSL (Live Game Server List) versions up to and including 6.2.1 **Description** The issue is related to a reflected cross-site scripting vulnerability in the `Referer` HTTP header. This vulnerability allows attackers to inject arbitrary JavaScript code, which is reflected in the HTML response without proper sanitization. When crafted malicious input is provided in the `Referer` header, it is echoed back into an HTML attribute in the application’s response. The vulnerability is present in the `/lgsl files/lgsl list.php` endpoint, specifically in the lines where the `$uri` variable is set based on the `HTTP REFERER` header. **Recommendations** For LGSL (Live Game Server List) versions up to and including 6.2.1, update to a version that includes the patch commit 7ecb839df9358d21f64cdbff5b2536af25a77de1 to resolve the issue. As a temporary workaround, consider restricting access to the `/lgsl files/lgsl list.php` endpoint to minimize the risk of exploitation. Avoid using the `Referer` header with untrusted input until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** LibreNMS versions 24.9.0 through 24.10.0 **Description** A stored cross-site scripting (XSS) vulnerability in the Device Settings section of LibreNMS allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `Display Name` parameter. This vulnerability can be exploited by a remote attacker to conduct cross-site scripting attacks. **Recommendations** For LibreNMS versions 24.9.0 through 24.10.0, update to a version that includes the fix for this vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.